aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fixed a minor vulnerability in which a malformed ASN.1 length field could ↵5.1.2rc1Andreas Steffen2014-02-141-0/+1
| | | | cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.
* conf: Fix installation on FreeBSDTobias Brunner2014-02-131-2/+2
| | | | Apparently, the -t option for install is not portable.
* pacman.sh creates /etc/pts/dists directory if it doesn't exist yetAndreas Steffen2014-02-131-0/+1
|
* NEWS: Add strongswan.conf changes and IPComp fixesTobias Brunner2014-02-131-0/+24
|
* conf: The use of $^ is not portableTobias Brunner2014-02-131-3/+6
| | | | | Generating strongswan.conf.5.main in a subshell gets the file properly written to the builddir in out-of-tree builds.
* printf-hook-glibc: printf.h on FreeBSD 10 does not include stdargs.hTobias Brunner2014-02-131-1/+1
|
* array: Fix compilation on FreeBSDTobias Brunner2014-02-131-2/+2
|
* Merge branch 'modular-load'Tobias Brunner2014-02-12270-2427/+4724
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduces a new configuration file layout. strongswan.conf is now only very simple and mainly includes the config snippets from the strongswan.d and strongswan.d/charon directories (the latter containing snippets for individual plugins). Config snippets with commented defaults are generated for all currently defined settings and are installed if they don't exist yet and the respective plugin/component is enabled. Similarly, the strongswan.conf(5) man page, which documents all these settings, is automatically generated from the same source. The config snippets are also installed in $prefix/share/strongswan so existing files can be compared to the most current defaults. As an alternative to the non-extensible charon.load option, the plugins to load can now be determined via the respective charon.plugins.<name>.load setting. This functionality is enabled by the new default strongswan.conf file (via the charon.load_modular option) and the load setting in the generated config snippets of all enabled plugins. The load setting optionally takes a numeric priority value that allows reordering the plugins (plugins with the same priority are ordered according to the default plugin order). Additionally, all settings that were formerly defined in library specific "global" sections are now application specific. For instance, instead of configuring libstrongswan.plugins.random.random and affecting charon, charon-cmd, pki, basically every application using libstrongswan, the option can now be set individually for each application (e.g. pki.plugins.random.random to affect only pki). The old options are still supported though, which actually allows to define defaults for all applications in the libstrongswan section. The libtls options are mapped to <app>.tls. The libimcv and libtnccs options are mapped to <app>.imcv and <app>.tnc, respectively (while their plugin's options are now under <app>.plugins together with all the others). Fixes #475.
| * conf: Install config files world-readable but warn about permissions for ↵Tobias Brunner2014-02-1212-15/+28
| | | | | | | | certain options
| * conf: Document variables and config files/dirsTobias Brunner2014-02-121-2/+22
| |
| * Add Python and pkg-config as requirements to HACKINGTobias Brunner2014-02-121-0/+2
| | | | | | | | | | pkg-config is probably installed on most systems by default, but e.g. not on Cygwin.
| * conf: Only install config snippets for enabled componentsTobias Brunner2014-02-122-3/+23
| |
| * conf: Document options of other programsTobias Brunner2014-02-126-1/+68
| |
| * conf: Document options of plugins in libptsTobias Brunner2014-02-125-0/+57
| |
| * libpts: Move settings to <ns>.plugins with fallback to libimcvTobias Brunner2014-02-128-24/+25
| |
| * conf: Document libimcv optionsTobias Brunner2014-02-129-0/+64
| |
| * libimcv: Move settings to <ns>.imcv and <ns>.plugins with fallbackTobias Brunner2014-02-1210-22/+32
| |
| * conf: Document libtnccs optionsTobias Brunner2014-02-126-1/+25
| |
| * libtnccs: Move settings to <ns>.tnc and <ns>.plugins with fallbackTobias Brunner2014-02-127-9/+12
| |
| * attr: Silently skip over load optionTobias Brunner2014-02-121-0/+4
| |
| * Prevent 'make distcheck' from complaining about config files we leave in /etcTobias Brunner2014-02-121-0/+3
| |
| * conf: Create automatically generated config snippets in build dirTobias Brunner2014-02-121-3/+8
| |
| * conf: Install config snippets in /usr/share/strongswan/templates/config tooTobias Brunner2014-02-121-0/+7
| |
| * conf: Only install config snippets if they don't exist yetTobias Brunner2014-02-121-7/+13
| |
| * conf: Move load-tester options to plugin specific fileTobias Brunner2014-02-122-130/+133
| |
| * conf: Options of all plugins documentedTobias Brunner2014-02-1249-31/+574
| | | | | | | | Some options are still missing descriptions though.
| * conf: Add logger example configTobias Brunner2014-02-124-50/+66
| |
| * conf: Converted charon optionsTobias Brunner2014-02-121-1/+290
| |
| * conf: Split strongswan.conf(5) man page and use generated snippetTobias Brunner2014-02-126-1782/+741
| |
| * conf: Generate groff snippet for configuration optionsTobias Brunner2014-02-121-2/+6
| |
| * conf: Generate strongswan.conf(5) man page in different directoryTobias Brunner2014-02-125-3/+7
| |
| * conf: Generate and install config sippets for option descriptionsTobias Brunner2014-02-127-6/+103
| | | | | | | | | | The strongswan.d directory is also created relative to the configured location of strongswan.conf.
| * conf: Script to convert option descriptions to man page and config snippets ↵Tobias Brunner2014-02-121-0/+337
| | | | | | | | added
| * conf: Create /etc/strongswan.d directory and include .conf filesTobias Brunner2014-02-122-0/+5
| |
| * conf: Simplified strongswan.conf templateTobias Brunner2014-02-121-27/+2
| |
| * conf: Install strongswan.conf template from a separate directoryTobias Brunner2014-02-125-7/+7
| |
| * settings: Add support to enumerate sections and key/value pairs with fallbacksTobias Brunner2014-02-123-45/+187
| |
| * settings: Implement subsections and key/value pairs with sorted arraysTobias Brunner2014-02-121-68/+74
| | | | | | | | | | | | Is a bit more memory efficient (also due to lazy instantiation) and lookups for sections with lots of subsections/keys (e.g. charon.plugins) are faster.
| * array: Add fallback for qsort_r using thread-local valueTobias Brunner2014-02-124-3/+50
| | | | | | | | Cygwin for example does not support qsort_r.
| * plugin-loader: Optionally use load option in each plugin section to load pluginsTobias Brunner2014-02-123-4/+153
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This now works because all plugins use the same config namespace. If <ns>.load_modular is true, the list of plugins to load is determined via the value of the <ns>.plugins.<name>.load options. Using includes the following is possible: charon { load_modular = yes plugins { include strongswan.d/charon/*.conf } } charon-cmd { load_modular = yes plugins { include strongswan.d/charon-cmd/*.conf } } Where each .conf file would contain something like: <name> { load = yes <option> = <value> } To increase the priority of individual plugins load = <priority> can be used (the default is 1). For instance, to use openssl instead of the built-in crypto plugins set in strongswan.d/charon/openssl.conf: openssl { load = 10 } If two plugins have the same priority their order in the default plugin list is preserved. Plugins not found in that list are ordered alphabetically before other plugins with the same priority.
| * array: Add array_bsearch functionTobias Brunner2014-02-123-0/+141
| |
| * array: Add array_sort functionTobias Brunner2014-02-124-1/+204
| |
| * libcharon: Remove unused charon->nameTobias Brunner2014-02-1210-21/+13
| |
| * charon-tkm: Use lib->ns instead of charon->nameTobias Brunner2014-02-123-5/+5
| |
| * libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-1272-259/+255
| |
| * libhydra: Remove unused hydra->daemonTobias Brunner2014-02-1211-22/+12
| |
| * libhydra: Use lib->ns instead of hydra->daemonTobias Brunner2014-02-1210-30/+30
| |
| * libtls: Move settings to <ns>.tls with fallback to libtlsTobias Brunner2014-02-123-17/+21
| |
| * attr-sql: Use namespace for attr-sql config, with fallbackTobias Brunner2014-02-123-5/+12
| |
| * lib: All settings use configured namespaceTobias Brunner2014-02-1224-196/+196
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-30 13:45:18 +0000